Does the recently announced DROWN SSL attack affect Exchange?
ANSWER:
Windows 2012 and later IIS versions are not affected. OSes with IIS versions earlier are and SSL ciphers affected should be disabled per Microsoft KB245030 – Click HERE.